While preparing the infrastructure for migrating RTFM from the DigitalOcean server to AWS (see AWS: basic infrastructure setup for WordPress) I decided to also try AWS ALB mutual authentication (for some reason I thought this feature launched at the last re:Invent, at the end of 2024, but it’s actually been around since late 2023 –… Read More »
I looked at the costs for the infrastructure described in the previous post AWS: basic infrastructure setup for WordPress, and let out a heavy sigh: One NAT Gateway is a quarter of my AWS spend, and even with AWS Credits I can’t help feeling a bit stingy about it. There’s an option to remove the… Read More »
It’s time for a major server upgrade for RTFM, which I usually do by migrating to a new server – because I also do various other upgrades along the way, like upgrading the PHP version or even migrating to a different cloud. This time I’m planning to move from DigitalOcean, where RTFM has been hosted… Read More »
I had been thinking about trying MikroTik for a long time, but I was always a bit too lazy to delve into RouterOS. Finally, riding the wave of the Home NAS project setup (see the beginning in FreeBSD: Home NAS, part 1 – setting up ZFS mirror), I decided it was time to upgrade my… Read More »
For a couple of months now, my work laptop, a Lenovo ThinkPad T14 Gen 5 running Arch Linux, has been having trouble opening new websites – for the first 10-15 seconds, the site loads in “pieces”, for example: But then it “wakes up”, and everything starts working perfectly: Finally, when I started setting up a… Read More »
Got an alert from the monitoring system this morning, indicating that the blog is down: Well, I thought: another one DDoS, not the first time. Investigating the issue I went to the Cloudflare admin, enabled the Under Attack Mode, and started the investigation. Checked the requests: I think, okay, it’s simple – requests are coming… Read More »
In the previous post, FreeBSD: WireGuard VPN, Linux peer and routing between networks, we set up a VPN to connect two networks – my office and home – and everything is working perfectly. However, currently, to connect to any host in the networks, you have to specify an IP address. Of course, you could manually… Read More »
I am continuing to set up my home server on FreeBSD 14.3, which is intended to serve as a NAS. In the previous post, FreeBSD: introduction to Packet Filter (PF) firewall, we got acquainted with firewalls; the next step is to configure a VPN for access. The main idea is to (finally!) connect my “office”… Read More »
I’m continuing to gradually set up my home NAS on FreeBSD, and the first thing I want to dive into is FreeBSD firewalls. I used to work with IPFW back in the day – FreeBSD: initial setup of IPFW, from 2012. Currently, there are three “built-in” firewalls in the system – Packet Filter (PF), IP… Read More »
It’s difficult to describe in one post what thousands of books have been written about in a thousand pages, but today we’ll try to quickly review the basics of how hosts communicate on a network. First, let’s talk about the OSI and TCP/IP models, then about packet structure and connection establishment, and finally, we’ll look… Read More »